| Summary: | ASTERISK-17610: Crash on chan_iax2.so | ||
| Reporter: | mgrobecker (mgrobecker) | Labels: | |
| Date Opened: | 2011-03-26 12:49:50 | Date Closed: | 2011-08-23 23:45:21 |
| Priority: | Critical | Regression? | No |
| Status: | Closed/Complete | Components: | Channels/chan_iax2 |
| Versions: | 1.8.3 | Frequency of Occurrence | |
| Related Issues: | |||
| Environment: | Attachments: | ( 0) 17610_v2.diff ( 1) backtrace.26310-public-anonym.txt | |
| Description: | We have an Asterisk 1.8.3.2 installation which crashes about 1-2 times a day (it really dies and the process disappears). We were unable to reproduce this by trying the wildest things we could imagine... Since this instance is used in production environment I was unable to generate a backtrace but will do it as soon as possible - I need to recompile it in order to make useful backtraces. But when I start Asterisk without detatching it from console I am able to see "the last words" before it crashes: [Mar 26 14:52:28] NOTICE[3893]: chan_sip.c:19583 handle_response_peerpoke: Peer 'xxxxxxxx' is now Reachable. (492ms / 1000ms) *** glibc detected *** asterisk: double free or corruption (out): 0x00007f9be80f0010 *** [Mar 26 14:52:32] ERROR[3897]: astobj2.c:258 internal_ao2_ref: refcount -1 on object 0x7f9be8092518 ======= Backtrace: ========= /lib/libc.so.6[0x7f9c1aaca9a8] /lib/libc.so.6(cfree+0x76)[0x7f9c1aaccab6] /usr/lib/asterisk/modules/chan_iax2.so[0x7f9c005eadfc] asterisk[0x43da0a] /usr/lib/asterisk/modules/chan_iax2.so[0x7f9c0060c420] asterisk[0x53532c] /lib/libpthread.so.0[0x7f9c1a63dfc7] /lib/libc.so.6(clone+0x6d)[0x7f9c1ab2664d] ======= Memory map: ======== 00400000-005b7000 r-xp 00000000 09:00 11097550 /usr/sbin/asterisk 007b7000-007f2000 rw-p 001b7000 09:00 11097550 /usr/sbin/asterisk 007f2000-0082d000 rw-p 007f2000 00:00 0 0106d000-01310000 rw-p 0106d000 00:00 0 [heap] 40020000-40021000 ---p 40020000 00:00 0 40021000-4009c000 rw-p 40021000 00:00 0 402e4000-402e5000 ---p 402e4000 00:00 0 402e5000-40360000 rw-p 402e5000 00:00 0 40360000-40361000 ---p 40360000 00:00 0 40361000-403dc000 rw-p 40361000 00:00 0 406a5000-406a6000 ---p 406a5000 00:00 0 406a6000-40721000 rw-p 406a6000 00:00 0 4098f000-40990000 ---p 4098f000 00:00 0 40990000-40a0b000 rw-p 40990000 00:00 0 40a0b000-40a0c000 ---p 40a0b000 00:00 0 40a0c000-40a87000 rw-p 40a0c000 00:00 0 40a87000-40a88000 ---p 40a87000 00:00 0 40a88000-40b03000 rw-p 40a88000 00:00 0 40b03000-40b04000 ---p 40b03000 00:00 0 40b04000-40b7f000 rw-p 40b04000 00:00 0 40bc5000-40bc6000 ---p 40bc5000 00:00 0 40bc6000-40c41000 rw-p 40bc6000 00:00 0 40cb8000-40cb9000 ---p 40cb8000 00:00 0 40cb9000-40d34000 rw-p 40cb9000 00:00 0 40e6b000-40e6c000 ---p 40e6b000 00:00 0 40e6c000-40ee7000 rw-p 40e6c000 00:00 0 40ef1000-40ef2000 ---p 40ef1000 00:00 0 40ef2000-40f6d000 rw-p 40ef2000 00:00 0 40f7a000-40f7b000 ---p 40f7a000 00:00 0 40f7b000-40ff6000 rw-p 40f7b000 00:00 0 4100b000-4100c000 ---p 4100b000 00:00 0 4100c000-41087000 rw-p 4100c000 00:00 0 41087000-41088000 ---p 41087000 00:00 0 41088000-41103000 rw-p 41088000 00:00 0 41103000-41104000 ---p 41103000 00:00 0 41104000-4117f000 rw-p 41104000 00:00 0 411cd000-411ce000 ---p 411cd000 00:00 0 411ce000-41249000 rw-p 411ce000 00:00 0 412fe000-412ff000 ---p 412fe000 00:00 0 412ff000-4137a000 rw-p 412ff000 00:00 0 4137a000-4137b000 ---p 4137a000 00:00 0 4137b000-413f6000 rw-p 4137b000 00:00 0 41468000-41469000 ---p 41468000 00:00 0 41469000-414e4000 rw-p 41469000 00:00 0 414e4000-414e5000 ---p 414e4000 00:00 0 414e5000-41560000 rw-p 414e5000 00:00 0 41560000-41561000 ---p 41560000 00:00 0 41561000-415dc000 rw-p 41561000 00:00 0 415dc000-415dd000 ---p 415dc000 00:00 0 415dd000-41658000 rw-p 415dd000 00:00 0 41658000-41659000 ---p 41658000 00:00 0 41659000-416d4000 rw-p 41659000 00:00 0 416d4000-416d5000 ---p 416d4000 00:00 0 416d5000-41750000 rw-p 416d5000 00:00 0 4179a000-4179b000 ---p 4179a000 00:00 0 4179b000-41816000 rw-p 4179b000 00:00 0 41816000-41817000 ---p 41816000 00:00 0 41817000-41892000 rw-p 41817000 00:00 0 41898000-41899000 ---p 41898000 00:00 0 41899000-41914000 rw-p 41899000 00:00 0 41914000-41915000 ---p 41914000 00:00 0 41915000-41990000 rw-p 41915000 00:00 0 41990000-41991000 ---p 41990000 00:00 0 41991000-41a0c000 rw-p 41991000 00:00 0 41a2e000-41a2f000 ---p 41a2e000 00:00 0 41a2f000-41aaa000 rw-p 41a2f000 00:00 0 41c57000-41c58000 ---p 41c57000 00:00 0 41c58000-41cd3000 rw-p 41c58000 00:00 0 41de1000-41de2000 ---p 41de1000 00:00 0 41de2000-41e5d000 rw-p 41de2000 00:00 0 41e5d000-41e5e000 ---p 41e5d000 00:00 0 41e5e000-41ed9000 rw-p 41e5e000 00:00 0 41ff5000-41ff6000 ---p 41ff5000 00:00 0 41ff6000-42071000 rw-p 41ff6000 00:00 0 7f9be8000000-7f9be8145000 rw-p 7f9be8000000 00:00 0 7f9be8145000-7f9bec000000 ---p 7f9be8145000 00:00 0 7f9bf0000000-7f9bf263e000 rw-p 7f9bf0000000 00:00 0 7f9bf263e000-7f9bf4000000 ---p 7f9bf263e000 00:00 0 7f9bf5597000-7f9bf55ad000 r-xp 00000000 09:00 10559532 /lib/libgcc_s.so.1 7f9bf55ad000-7f9bf57ad000 ---p 00016000 09:00 10559532 /lib/libgcc_s.so.1 7f9bf57ad000-7f9bf57ae000 rw-p 00016000 09:00 10559532 /Abgebrochen I noticed that each crash report mentions "chan_iax2.so". Customers can use IAX to place VoIP calls over this Asterisk, maybe someone is using a buggy IAX client. I can generate a full backtrace on next monday but I thought this error report might help. Thank you! ****** ADDITIONAL INFORMATION ****** There are several Asterisk instances running on this machine which are seperated into their own subdirectories. The only directories which are shared are the "modules" and "sounds" directory. But there is only one instance which crashes about 1-2 times a day without leaving messages in the logfile. Asterisk 1.8.3.2 running on Debian Lenny x64 with - MySQL Realtime - MP3 codec - libresample (from Digium SVN) | ||
| Comments: | By: mgrobecker (mgrobecker) 2011-03-28 10:25:37 Today I recompiled Asterisk and generated core dumps and attached the backtrace. There are two calls which are set up via manager console and should be bridged. Both calls are terminated to PSTN, but in most cases the Asterisk dies when the second call is making progress (e.g. ringing). By: Russell Bryant (russell) 2011-07-15 14:48:43.062-0500 Your backtrace appears to contain memory corruption and we require valgrind output in order to move this issue forward. Please see https://wiki.asterisk.org/wiki/display/AST/Valgrind for more information about how to produce debugging information. Thanks! By: David Vossel (dvossel) 2011-07-20 10:33:31.661-0500 Please test the attached patch against 1.8 and verify if this resolves your issue. By: David Vossel (dvossel) 2011-07-20 16:05:16.779-0500 I'm sorry, the first patch I uploaded had an error in it. Please try 17610_v2.diff | ||